Hi,

I read the project ideas list, and found "server overriding mechanism" is
there. I once tried investigating this issue, but in the end failed to
continue. Still, I wonder whether I should submit my modification to Glibc for
a simple implementation of socket server overriding, though the work is
rather minor (see attachment).

I also find "secure chroot implementation" in the list. IMHO, the unsafety of
chroot is not caused by passive translators. In fact, currently chroot is
implemented totally on the client side by changing the INIT_PORT_CRDIR port
maintained in Glibc. So, it is easy to escape from chroot by bypassing the
file port resolving routine of Glibc, or just by modifying the CRDIR port.
No need to exploit passive translators at all. We should first let the file
server know and control chroot before making translators aware of it.

> I made a try to implement a basic mechanism of socket servers (pfinet
> and pflocal) overriding, as described below. Comments are solicited.
>
> 1) Add two new environment variables: SERVERS_SOCKET_LOCAL for the
> pf_local socket server and SERVERS_SOCKET_INET for the pf_inet server. The
> value of each variable should be set to a colon-separated list, and each
> element of the list is a file path that specifies an overriding server.
>
> 2) Hack *_hurd_socket_server* in "hurd/hurdsock.c" of Glibc to check for
> the two environment variables.
>
> For example, when looking up the socket server of pf_inet domain,
> *_hurd_socket_server* first checks SERVERS_SOCKET_INET. If
> SERVERS_SOCKET_INET is not set or is set to null, then just queries and
> returns the port of the default pf_inet server as usual; or else, repeatedly
> tries querying each overriding server in the overriding list defined by
> SERVERS_SOCKET_INET, until the first existing overriding server is found (or
> none is found).
>
> The modified hurd/hurdsock.c is attached to this mail. I have tested it
> with Glibc-2.5.
>
>

Regards,

Wei Shen

Attachment: hurdsock.c
Description: Binary data
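
The lookup order described in the quoted proposal, as an added example that is not part of the original mail and is not the attached hurdsock.c. It is plain C in which access() stands in for the Hurd file-name lookup; the function name, return codes and the default path used in main() are assumptions. The mail does not say what happens when the list is set but no element exists, so that case is reported to the caller as SRV_NONE.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

enum { SRV_NONE = -1, SRV_DEFAULT = 0, SRV_OVERRIDE = 1 };

/* Assumption: access() stands in for the Hurd file-name lookup. */
static int server_exists(const char *path) { return access(path, F_OK) == 0; }

/* Walk a colon-separated override list and copy the first existing
   element into out. An unset or empty list selects default_path. */
int resolve_socket_server(const char *list, const char *default_path,
                          char *out, size_t outlen)
{
    if (outlen == 0) return SRV_NONE;
    out[0] = '\0';
    if (list == NULL || *list == '\0') {
        if (strlen(default_path) >= outlen) return SRV_NONE;
        strcpy(out, default_path);
        return SRV_DEFAULT;
    }
    for (const char *p = list;; ) {
        size_t len = strcspn(p, ":");
        /* Skip empty elements and ones that would not fit the buffer. */
        if (len > 0 && len < outlen) {
            memcpy(out, p, len);
            out[len] = '\0';
            if (server_exists(out)) return SRV_OVERRIDE;
        }
        if (p[len] == '\0') break;
        p += len + 1;
    }
    out[0] = '\0';   /* list was set, but nothing in it exists */
    return SRV_NONE;
}

int main(void)
{
    char path[256];
    /* "/servers/socket/2" is a constructed default for this demo. */
    int rc = resolve_socket_server(getenv("SERVERS_SOCKET_INET"),
                                   "/servers/socket/2", path, sizeof path);
    printf("rc=%d path=%s\n", rc, path);
    return 0;
}
```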
